Overview
Users of therequiresAuth middleware, either directly or through the default authRequired option, are vulnerable to an Open Redirect when the middleware is applied to a catch all route.
If all routes under example.com are protected with the requiresAuth middleware, a visit to http://example.com//google.com will be redirected to google.com after login because the original url reported by the Express framework is not properly sanitised.
Am I affected?
You are affected by this vulnerability if you are using therequiresAuth middleware on a catch all route or the default authRequired option and express-openid-connect version <=2.7.1.
How to fix that?
Upgrade to version>=2.7.2